Articles Hackers Sell RDP, DDoS attacks and payment card data...

Hackers Sell RDP, DDoS attacks and payment card data on the darknet


Cybersecurity researchers at Flashpoint reported rising prices for access to RDP servers, stolen payment card data, and a DDoS-as-a-service business model in underground forums and marketplaces.

“As a result of the pandemic and related global trends, the demand for malicious and illegal goods, services and stolen data has reached a new peak in the darknet markets. We have seen what can be described as impressive, insightful innovations across the entire cybercrime ecosystem, ”said the experts.

After in-depth research into the underground market, experts found that the prices of stolen payment card data rose sharply in 2020 – from $ 14.64 in 2019 to $ 20.16 in 2020. Meanwhile, the price of payment card dumps also increased from $ 24.19 in 2019 to $ 26.50 on average in 2020.

Microsoft’s proprietary Remote Desktop Protocol, used to give system administrators the ability to remotely connect to corporate devices and to update servers, continues to be a favorite with cybercriminals. The popularity of RDP lists among cybercriminals continues to grow. On underground marketplaces in 2020, the prices for RDP access differ: global administrative access costs $ 10, and hacked RDP – $ 35.

Meanwhile, according to the researchers, prices for DDoS services have been on the rise since 2017. Whereas in 2017 the standard offers of DDoS mercenaries rarely exceeded $ 27, in 2020 a 10-minute DDoS attack (60 Gbps) costs $ 45, and a four-hour DDoS attack (15 Gbps) costs an average of $ 55. The price for a fully managed DDoS attack is $ 165. Several factors are behind the rise in prices, the researchers said.

“First, the shutdown of larger websites must be tailor-made due to improvements in DDoS protection offerings and widespread use of content distribution networks that are beyond the reach of all but the most advanced criminals. However, there are still cases where attackers can successfully attack large resources, for example, disabling Wikipedia with a DDoS attack in September 2019. ”

DDoS services that charge hourly rates are also becoming more popular, they said.

The cost of sensitive data for fraudulent schemes and automated cyber attacks is on the rise again. For example, the cost of recording the so-called “dumps” of payment cards, that is, complete information about the card, has increased by 225% since 2018. High demand for stolen identity also includes Fullz lists, which contain various combinations of identity and banking information such as bank logs, routing numbers, payment cards, government-issued IDs, and personal information, including records of social security numbers or dates. birth.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you